Exploit code public for critical FortiSIEM command injection flaw

Technical details and a public exploit have been published for a critical vulnerability affecting Fortinet's Security ...
GovInfoSecurity

Anthropic's Cowork Shipped With Known Vulnerability

Security researchers have demonstrated how Anthropic's new Claude Cowork productivity agent can be tricked into stealing user ...
The Hacker News

CISA Warns of Active Exploitation of Gogs Vulnerability Enabling Code Execution

CISA warns that hackers are actively exploiting a high-severity flaw in Gogs that can lead to remote code execution; no patch ...

Hackers exploit Modular DS WordPress plugin flaw for admin access

Hackers are actively exploiting a maximum severity flaw in the Modular DS WordPress plugin that allows them to bypass ...
The Hacker News

Hackers Exploit c-ares DLL Side-Loading to Bypass Security and Deploy Malware

Active malware exploits DLL side-loading in a signed GitKraken binary to deliver trojans, stealers, and remote access malware ...
Infosecurity Magazine

CISA Flags Actively Exploited Gogs Vulnerability With No Patch

A high-severity security flaw in the Gogs Git service is being actively exploited, leading to remote code execution ...

Hackers exploit WordPress plugin security flaw exposing 40,000 websites

Modular DS is a popular WordPress plugin used by more than 40,000 websites which allows website admins manage multiple ...
WinBuzzer

Security Flaw Resurfaces in Anthropic’s New Claude Cowork Tool Days After Launch

Anthropic has launched Cowork with a known data exfiltration vulnerability that researchers reported in October 2025 but ...
BankInfoSecurity

Flaw in AI Libraries Exposes Models to Remote Code Execution

Researchers discovered remote code execution vulnerabilities in three AI libraries from Apple, Salesforce and Nvidia used by ...